A heap-based buffer overflow vulnerability was found in GitHub repository vim/vim prior to 9.0.1376 in Vim's utf_ptr2char function of the src/mbyte.c file. This flaw occurs because there is access to invalid memory with put in visual block mode. An attacker can trick a user into opening a specially crafted file, triggering an out-of-bounds read that causes an application to crash, leading to a denial of service. Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402